tokendings

Documentation

Index

• func ClientAssertion(privateJwk *jose.JSONWebKey, clientID string, endpoint string) (string, error)
• func OauthForm(scope, clientAssertion string) url.Values
• type ClientId
  • func (a *ClientId) KubeObjectKey() client.ObjectKey
  • func (a *ClientId) String() string
  • func (a *ClientId) ToFileName() string
• type ClientRegistration
  • func MakeClientRegistration(jwkerPrivateJwk *jose.JSONWebKey, clientPublicJwks *jose.JSONWebKeySet, ...) (*ClientRegistration, error)
• type ClientRegistrationResponse
• type CustomClaims
  • func Claims(clientid, audience string) CustomClaims
• type Instance
  • func NewInstance(baseURL, clientID string, clientJwk *jose.JSONWebKey) *Instance
  • func (t *Instance) DeleteClient(ctx context.Context, appClientId ClientId) error
  • func (t *Instance) RegisterClient(cr ClientRegistration) error
• type SoftwareStatement
• type TokenResponse
  • func GetToken(privateJwk *jose.JSONWebKey, clientID string, scope, endpoint string) (*TokenResponse, error)

Functions

func ClientAssertion

func ClientAssertion(privateJwk *jose.JSONWebKey, clientID string, endpoint string) (string, error)

func OauthForm

func OauthForm(scope, clientAssertion string) url.Values

Types

type ClientId

type ClientId struct {
	Name      string
	Namespace string
	Cluster   string
}

func (*ClientId) KubeObjectKey

func (a *ClientId) KubeObjectKey() client.ObjectKey

func (*ClientId) String

func (a *ClientId) String() string

func (*ClientId) ToFileName

func (a *ClientId) ToFileName() string

type ClientRegistration

type ClientRegistration struct {
	ClientName        string             `json:"client_name"`
	Jwks              jose.JSONWebKeySet `json:"jwks"`
	SoftwareStatement string             `json:"software_statement"`
}

func MakeClientRegistration

func MakeClientRegistration(jwkerPrivateJwk *jose.JSONWebKey, clientPublicJwks *jose.JSONWebKeySet, appClientId ClientId, jwker v1.Jwker) (*ClientRegistration, error)

type ClientRegistrationResponse

type ClientRegistrationResponse struct {
	ClientRegistration
	GrantTypes              []string `json:"grant_types"`
	TokenEndpointAuthMethod string   `json:"token_endpoint_auth_method"`
}

type CustomClaims

type CustomClaims struct {
	Issuer    string          `json:"iss,omitempty"`
	Subject   string          `json:"sub,omitempty"`
	Expiry    jwt.NumericDate `json:"exp,omitempty"`
	NotBefore jwt.NumericDate `json:"nbf,omitempty"`
	IssuedAt  jwt.NumericDate `json:"iat,omitempty"`
	ID        string          `json:"jti,omitempty"`
	Audience  string          `json:"aud,omitempty"`
}

func Claims

func Claims(clientid, audience string) CustomClaims

type Instance

type Instance struct {
	BaseURL      string
	ClientID     string
	ClientJwk    *jose.JSONWebKey
	Metadata     *oauth.MetadataOAuth
	WellKnownURL string
}

func NewInstance

func NewInstance(baseURL, clientID string, clientJwk *jose.JSONWebKey) *Instance

func (*Instance) DeleteClient

func (t *Instance) DeleteClient(ctx context.Context, appClientId ClientId) error

func (*Instance) RegisterClient

func (t *Instance) RegisterClient(cr ClientRegistration) error

type SoftwareStatement

type SoftwareStatement struct {
	AppId                string   `json:"appId"`
	AccessPolicyInbound  []string `json:"accessPolicyInbound"`
	AccessPolicyOutbound []string `json:"accessPolicyOutbound"`
}

type TokenResponse

type TokenResponse struct {
	AccessToken     string `json:"access_token"`
	IssuedTokenType string `json:"issued_token_type"`
	TokenType       string `json:"token_type"`
	ExpiresIn       int64  `json:"expires_in"`
	Scope           string `json:"scope"`
}

func GetToken

func GetToken(privateJwk *jose.JSONWebKey, clientID string, scope, endpoint string) (*TokenResponse, error)

scope = api://tokendings.prod